gafaelfawr — Authentication & identity

Gafaelfawr provides authentication and identity management services for the Rubin Science Platform. It is primarily used as an NGINX auth_request handler configured via annotations on the Ingress resources of Science Platform services. In that role, it requires a user have the required access scope to use that service, rejects users who do not have that scope, and redirects users who are not authenticated to the authentication process.

Gafaelfawr supports authentication via either OpenID Connect (often through CILogon) or GitHub.

Gafaelfawr also provides a token management API and (currently) UI for users of the Science Platform.

View on GitHub

applications/gafaelfawr Application template

Homepage

https://gafaelfawr.lsst.io/

Source

lsst-sqre/gafaelfawr

Related docs

Type

Helm

Namespace

gafaelfawr

Argo CD Project

infrastructure

Environments

base

values

Argo CD

ccin2p3

values

Argo CD

idfdemo

values

Argo CD

idfdev

values

Argo CD

idfint

values

Argo CD

idfprod

values

Argo CD

minikube

values

roe

values

Argo CD

roundtable-dev

values

Argo CD

roundtable-prod

values

Argo CD

summit

values

Argo CD

tucson-teststand

values

Argo CD

usdf-cm-dev

values

Argo CD

usdf-tel-rsp

values

Argo CD

usdfdev

values

Argo CD

usdfint

values

Argo CD

usdfprod

values

Argo CD

Guides